public function EntityAccessController::access

Checks access to an operation on a given entity or entity translation.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.

string $operation: The operation access should be checked for. Usually one of "view", "create", "update" or "delete".

string $langcode: (optional) The language code for which to check access. Defaults to Language::LANGCODE_DEFAULT.

\Drupal\Core\Session\AccountInterface $account: (optional) The user session for which to check access, or NULL to check access for the current user. Defaults to NULL.

Return value

bool TRUE if access was granted, FALSE otherwise.

Overrides EntityAccessControllerInterface::access

1 call to EntityAccessController::access()
NodeAccessController::access in drupal/core/modules/node/lib/Drupal/node/NodeAccessController.php
Checks access to an operation on a given entity or entity translation.
1 method overrides EntityAccessController::access()
NodeAccessController::access in drupal/core/modules/node/lib/Drupal/node/NodeAccessController.php
Checks access to an operation on a given entity or entity translation.

File

drupal/core/lib/Drupal/Core/Entity/EntityAccessController.php, line 28
Contains \Drupal\Core\Entity\EntityAccessController.

Class

EntityAccessController
Defines a default implementation for entity access controllers.

Namespace

Drupal\Core\Entity

Code

public function access(EntityInterface $entity, $operation, $langcode = Language::LANGUAGE_DEFAULT, AccountInterface $account = NULL) {
  if (!$account) {
    $account = $GLOBALS['user'];
  }
  if (($access = $this
    ->getCache($entity, $operation, $langcode, $account)) !== NULL) {

    // Cache hit, no work necessary.
    return $access;
  }

  // Invoke hook_entity_access(), hook results take precedence over overridden
  // implementations of EntityAccessController::checkAccess(). Entities
  // that have checks that need to be done before the hook is invoked should
  // do so by overridding this method.
  // We grant access to the entity if both of these conditions are met:
  // - No modules say to deny access.
  // - At least one module says to grant access.
  $access = module_invoke_all($entity
    ->entityType() . '_access', $entity
    ->getBCEntity(), $operation, $account, $langcode);
  if (in_array(FALSE, $access, TRUE)) {
    $return = FALSE;
  }
  elseif (in_array(TRUE, $access, TRUE)) {
    $return = TRUE;
  }
  else {

    // No result from hook, so entity checks are done.
    $return = (bool) $this
      ->checkAccess($entity, $operation, $langcode, $account);
  }
  return $this
    ->setCache($return, $entity, $operation, $langcode, $account);
}